(12) INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT)



(19) World Intellectual Property Organization
International Bureau 

(43) International Publication Date 
9 January 2003 (09.01.2003) 




PCT 




(10) International Publication Number 

WO 03/003242 Al 



(51) International Patent Classification: G06F 17/30, 9/445, 12/14, H04L 9/28

(21) International Application Number: PCT/AU02/00847 

(22) International Filing Date: 28 June 2002 (28.06.2002) 

(25) Filing Language: English 

(26) Publication Language: English 



(30) Priority Data:

PR 6026 29 June 2001 (29.06.2001) AU
PR 6027 29 June 2001 (29.06.2001) AU
PR 6028 29 June 2001 (29.06.2001) AU



(71) Applicant (for all designated States except US): SECURE SYSTEMS LIMITED [AU/AU]; 16 Ord Street, West Perth, Western Australia 6005 (AU).

(72) Inventors; and 

(75) Inventors/Applicants (for US only): HEARN, Michael, Alfred [AU/AU]; 1 Urawa Road, Duncraig, Western Australia 6023 (AU). KABZINSKI, Richard [AU/AU]; 5 Balladonia Drive, Ellenbrook, Western Australia 6069 (AU).



(74) Agent: WRAY & ASSOCIATES; 239 Adelaide Terrace, 
Perth, W.A. 6000 (AU). 

(81) Designated States (national): AE, AG, AL, AM, AT, AU, AZ, BA, BB, BG, BR, BY, BZ, CA, CH, CN, CO, CR, CU, CZ, DE, DK, DM, DZ, EC, EE, ES, FI, GB, GD, GE, GH, GM, HR, HU, ID, IL, IN, IS, JP, KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MA, MD, MG, MK, MN, MW, MX, MZ, NO, NZ, OM, PH, PL, PT, RO, RU, SD, SE, SG, SI, SK, SL, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VN, YU, ZA, ZM, ZW.

(84) Designated States (regional): ARIPO patent (GH, GM, KE, LS, MW, MZ, SD, SL, SZ, TZ, UG, ZM, ZW), Eurasian patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), European patent (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, SE, TR), OAPI patent (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, ML, MR, NE, SN, TD, TG).

Published: 

— with international search report 






(54) Title: SECURITY SYSTEM AND METHOD FOR COMPUTERS




[Front-page drawing: schematic of the computer system; only the reference numerals 15, 19, 23 and 27 are legible]



(57) Abstract: A computer security device (35) comprising a processor (37) that is independent of the host CPU (13) for controlling access between the host CPU (13) and the storage device (21). A program memory (41) that is independent of the computer memory and the storage device (21) unalterably stores and provides computer programs for operating the processor (37) in a manner so as to control access to the storage device (21). The security device (35) is connected only in line with the data access channel (33) between the host CPU (13) and the storage device (21), and off the main data and control bus (15) of the host CPU (13). All data access by the host CPU (13) to the data storage device (21) is blocked before initialisation of the security device (35) and is intercepted immediately after the initialisation under the control of the processor (37). The processor (37) effects independent control of the host CPU (13) and configuration of the computer (11) to prevent unauthorised access to the storage device (21) during the interception phase. All users of the computer (11) are authenticated with a prescribed profile of access to the storage device (21) and data access to the storage device remains blocked until a user of the computer (11) is correctly authenticated.
Security System and Method for Computers



Field of the Invention 

This invention relates to a security system for securing data and information stores in computer systems and a method of securing the same.

In the context of this specification, a computer system is defined to include a computer having a central processing unit (CPU) and a storage device, which may be a hard disk, CD R/W or other read/writeable data storage media or any combination of the same, and a network incorporating one or more such computers, as in a client server system.

Throughout the specification, unless the context requires otherwise, the word "comprise" or variations such as "comprises" or "comprising", will be understood to imply the inclusion of a stated integer or group of integers but not the exclusion of any other integer or group of integers.

Background Art

In these days of widespread computer usage, data stored on a computer system is becoming increasingly accessible to a variety of users. This may occur directly in real time via local and/or remote use of a computer system by different users or indirectly via the loading and running of computer programs at predetermined times automatically or manually by a user of the computer system. With the advent of computer networks allowing remote access to computer systems via local area networks and wide area networks such as the Internet, and the ready transfer of computer programs and data between computer systems, either manually via floppy disks and CD ROMs or automatically via computer networks, the security and integrity of data and information stored on the read/write stores of computers is becoming increasingly of paramount importance.
It is now commonplace for computer systems to incorporate "anti-virus" software in order to protect the data and information stored on the storage device thereof from hostile computer programs, and user authentication procedures allowing predetermined levels of access to data and information stored on the storage device of the computer system, dependent upon the status of the user.

A problem with most types of anti-virus software and user authentication protocols used today is the very fact that they are embodied in software, which is required to be executed under the control of the operating system of the computer. Hence, a pre-requisite for such anti-virus or user authentication software to function correctly is that the computer system must be able to power-on, boot-up and invoke the operating system "cleanly", without any virus or security defeating processes affecting the computer during this time.

In the case of anti-virus software, most of this software depends upon having some knowledge of the virus or type of virus that it is attempting to secure the system from. Hence, the anti-virus software needs to be constantly updated and entered onto the computer system before a particular virus finds its way to the computer system.

As certain viruses can be extremely hostile and destructive to computer systems, the lag time between the first occurrence of a virus and the production of software to combat the virus still creates a window within which oftentimes irreparable damage can occur to certain computer systems infected with such a virus. Indeed, the production of viruses and anti-virus software does have a tendency to be self-perpetuating. Thus whilst better solutions may have been proposed in the past to combat viruses and ensuring the security of data and information, the state of the art has remained around adopting a software approach to deal with the problem.

Notwithstanding this, various hardware-based solutions, which are intrinsically more reliable and resilient in preventing virus or unauthorised access to data stored on a computer system, have been proposed in the past. However, these have been awkward to apply, restricted in their adaptability to different and changing formatting standards or have required user interaction of a technical nature well beyond the mere loading of executable programs, in order to make them effective or even operational.

Disclosure of the Invention 

It is an object of the present invention to provide more robust protection for data and information stored on a computer system from unauthorised access and/or misuse.

In accordance with one aspect of the present invention, there is provided a security device for a computer having a host central processing unit (CPU), memory used by the host CPU to load programs in order to operate the computer and a storage device for storing data to be handled by the computer, the security device comprising:

processing means independent of the host CPU for controlling access between the host CPU and the storage device; and

program memory means independent of the memory of the computer and the storage device to unalterably store and provide computer programs for operating the processing means in a prescribed manner to control said access;

wherein the security device is to be connected only in line with the data access channel between the host CPU and the storage device, and off the main data and control bus of the host CPU.

Preferably, the security device includes memory store means independent of the memory means and the storage device of the computer to store critical data and control elements associated with the basic operation of the computer and access to the storage device.
Preferably, said critical data and control elements are supplied to and used by the host CPU for verification of the storage device and operating the computer independently of the storage device during the start up sequence of the computer.

Preferably, the security device comprises authentication means to authenticate a user of the computer having a prescribed profile of access to the storage device.

Preferably, the authentication means includes a login verifying means to enable a user of the computer to enter a login identification and password and have that login identification and password verified to authenticate said user being an authorised user of the computer having a prescribed profile of access to the storage device before allowing the start up sequence of the computer to proceed further.

Preferably, said login identification and passwords of authorised users and the prescribed profile of access thereof form part of said critical data and control elements and said login verifying means accesses said critical data and control elements to effect authentication of a user.

Preferably, the prescribed profile of access comprises a prescribed allocation of predetermined levels of access permitted for an authorised user of the computer to prescribed partitions or zones of the storage device.

Preferably, the security device includes intercepting means to block all data access by the host CPU to the data storage device before initialisation of the security device and intercept all said data access immediately after said initialisation under the control of said processing means.

Preferably, said critical data and control elements include identification data in respect of the storage device for enabling the computer to complete its peripheral check during said start up sequence.
Preferably, said critical data and control elements include a custom boot sector that includes invoking said authentication means for assuming operation of the computer during said start up sequence.

Preferably, the authentication means includes an authentication application program stored in the program memory means, the memory store means or the storage device.

Preferably, the authentication application program includes user editing means to 
enable an authorised user having a particular prescribed level of access to create 
and edit authorised users for accessing the storage device. 

Preferably, the authentication application program includes access profile editing means to enable said authorised user having a particular prescribed level of access to allocate and edit particular predetermined levels of access to said prescribed partitions or zones for all authorised users having access to the storage device.

In accordance with another aspect of the present invention, there is provided a method for securing and protecting a storage device for storing data to be handled by a computer from unauthorised access, the computer having a host central processing unit (CPU) and memory used by the host CPU to load programs in order to operate the computer and storage device, the method comprising:-

controlling access between the host CPU and the storage device independently of the host CPU; and

unalterably storing computer programs for effecting said controlling access in a location separate from the memory and not addressable by the host CPU.

Preferably, the method includes storing critical data and control elements associated with the basic operation of the computer and access to the storage device in a location separate from the memory and the storage device and not addressable by the host CPU.

Preferably, the method includes independently supplying the host CPU with said critical data and control elements for verification of the storage device and operating the computer independently of the storage device during the start up sequence of the computer.

Preferably, the method includes authenticating a user of the computer having a 
prescribed profile of access to the storage device. 

Preferably, said authenticating includes enabling a user of the computer to enter a login identification and password and verifying the same to establish whether the user is an authorised user of the computer having a prescribed profile of access to the storage device before allowing the start up sequence of the computer to proceed further.

Preferably, said login identification and passwords of authorised users and the prescribed profile of access thereof form part of said critical data and control elements and the verifying includes comparing the entered login identification and password with the login identification and passwords within said critical data and control elements and authenticating a user if there is a match.

Preferably, the prescribed profile of access comprises a prescribed allocation of predetermined levels of access permitted for an authorised user to prescribed partitions or zones of the storage device.

Preferably, the method includes blocking all data access by the host CPU to the 
data storage device during initialisation of the computer and intercepting all said 
data access during the start up sequence after said initialisation. 

Preferably, said critical data and control elements include identification data in respect of the storage device for enabling the computer to complete its peripheral check during said start up sequence.
Preferably, said critical data and control elements include a custom boot sector for the computer that includes invoking the authenticating step; and the method includes assuming operation of the computer during said start up sequence with the custom boot sector and authenticating the user of the computer at such time.

Preferably, said authenticating includes enabling a particular prescribed level of authorised user to create and edit login identifications and passwords within the critical data and control elements for specifying authorised users having access to the storage device.

Preferably, said authenticating includes enabling said particular prescribed level of authorised user to allocate and edit particular predetermined levels of access to said prescribed partitions or zones for all authorised users having access to the storage device within the critical data and storage elements.

In accordance with a further aspect of the present invention, there is provided a security device for a computer having a host central processing unit (CPU), memory used by the host CPU to load programs in order to operate the computer and a storage device for storing data to be handled by the computer, the security device comprising:

processing means independent of the host CPU for controlling access between the host CPU and the storage device; and

intercepting means to block all data access by the host CPU to the data storage device before initialisation of the security device and intercept all said data access immediately after said initialisation under the control of said processing means;

wherein said processing means effects independent control of the host CPU and configuration of the computer in a manner so as to prevent unauthorised access to the storage device on said intercepting means intercepting said data access immediately after said initialisation.
Preferably, the security device includes program memory means independent of the memory of the computer and the storage device to unalterably store and provide computer programs for operating the processing means in a prescribed manner to control said access.

Preferably, the prescribed profile of access comprises a prescribed allocation of predetermined levels of access permitted for an authorised user of the computer to prescribed partitions or zones of the storage device.

Preferably, the security device is adapted to be connected only in line with the data access channel between the host CPU and the storage device, and off the main data and control bus of the host CPU.

In accordance with another aspect of the present invention, there is provided a method for securing and protecting a storage device for storing data to be handled by a computer from unauthorised access, the computer having a host central processing unit (CPU) and memory used by the host CPU to load programs in order to operate the computer and storage device, the method comprising:-

controlling access between the host CPU and the storage device independently of the host CPU;

blocking all data access by the host CPU to the storage device during initialisation of the computer; and

intercepting all said data access during the start up sequence after said initialisation to effect independent control of the host CPU and configuration of the computer in a manner so as to prevent unauthorised access to the storage device thereafter.
Preferably, the method includes unalterably storing computer programs for effecting said controlling access in a location separate from the memory and not addressable by the host CPU.

Preferably, said login identification and passwords of authorised users and the prescribed profile of access thereof form part of said critical data and control elements and the verifying includes comparing the entered login identification and password with the login identification and passwords within said critical data and control elements and authenticating a user if there is a match.

Preferably, the prescribed profile of access comprises a prescribed allocation of predetermined levels of access permitted for an authorised user to prescribed partitions or zones of the storage device.

In accordance with another aspect of the present invention, there is provided a security device for a computer having a host central processing unit (CPU), memory used by the host CPU to load programs in order to operate the computer and a storage device for storing data to be handled by the computer, the security device comprising:

blocking means for selectively blocking data access between the host CPU and the storage device; and

authentication means to authenticate a user of the computer having a prescribed profile of access to the storage device;

wherein said blocking means maintains said blocking data access until said authentication means completes correct authentication of the user of the computer.

Preferably, the security device includes processing means independent of the host CPU for controlling the operation of said blocking means for blocking access between the host CPU and the storage device in response to said authentication means.
Preferably, the blocking means blocks all data access by the host CPU to the data storage device before initialisation of the security device and includes intercepting means to intercept all said data access immediately after said initialisation under the control of said processing means.

Preferably, said processing means effects independent control of the host CPU and configuration of the computer in a manner so as to prevent unauthorised access to the storage device, upon said intercepting means intercepting said data access immediately after said initialisation and before loading of the operating system of the computer.

Preferably, said authentication means enables a software boot of the computer to be effected after correct authentication of the user, and said processing means permits normal loading of the operating system during the start up sequence of the computer following said software boot.

Preferably, said processing means controls said blocking means to effect blocking access to the storage device after correct authentication of the user in accordance with the prescribed profile of access of the user.

Preferably, the security device includes program memory means independent of the memory of the computer and the storage device to unalterably store and provide computer programs for operating the processing means in a prescribed manner to control said access.

Preferably, the security device includes memory store means independent of the 
memory means and the storage device of the computer to store critical data and 
control elements associated with the basic operation of the computer and access 
to the storage device. 

Preferably, said critical data and control elements are supplied to and used by the host CPU for verification of the storage device and operating the computer independently of the storage device during the start up sequence of the computer.
Preferably, the authentication means includes a login verifying means to enable a user of the computer to enter a login identification and password and have that login identification and password verified to authenticate said user being an authorised user of the computer having a prescribed profile of access to the storage device before allowing the start up sequence of the computer to proceed further.

Preferably, said login identification and passwords of authorised users and the prescribed profile of access thereof form part of said critical data and control elements and said login verifying means accesses said critical data and control elements to effect authentication of a user.

Preferably, the prescribed profile of access comprises a prescribed allocation of 
predetermined levels of access permitted for an authorised user of the computer 
to prescribed partitions or zones of the storage device. 

Preferably, the security device is adapted to be connected only in line with the data access channel between the host CPU and the storage device, and off the main data and control bus of the host CPU.

In accordance with another aspect of the present invention, there is provided a method for securing and protecting a storage device for storing data to be handled by a computer from unauthorised access, the computer having a host central processing unit (CPU) and memory used by the host CPU to load programs in order to operate the computer and storage device, the method comprising:-

selectively blocking all data access between the host CPU and the storage device; and

authenticating a user of the computer having a prescribed profile of access to the storage device;

wherein said blocking of data access is maintained until the user of the computer is correctly authenticated.
Preferably, said selective blocking comprises controlling access between the host CPU and the storage device independently of the host CPU.

Preferably, said selective blocking occurs during initialisation of the computer and includes intercepting all said data access during the start up sequence immediately after said initialisation and before loading of the operating system of the computer to enable independent control of the host CPU and configuration of the computer in a manner so as to prevent unauthorised access to the storage device.

Preferably, the method includes performing a software boot of the computer after correct authentication of the user, and allowing normal loading of the operating system during the start up sequence of the computer thereafter.

Preferably, the method includes controlling blocking access to the storage device after correct authentication of the user in accordance with the prescribed profile of access of the user.

Preferably, the method includes unalterably storing computer programs for effecting said controlling access in a location separate from the memory and not addressable by the host CPU.

Preferably, said authenticating includes enabling a user of the computer to enter a login identification and password and verifying the same to establish whether the user is an authorised user of the computer having a prescribed profile of access to the storage device before allowing the start up sequence of the computer to proceed further.

Preferably, said login identification and passwords of authorised users and the prescribed profile of access thereof form part of said critical data and control elements and the verifying includes comparing the entered login identification and password with the login identification and passwords within said critical data and control elements and authenticating a user if there is a match.
Preferably, the prescribed profile of access comprises a prescribed allocation of predetermined levels of access permitted for an authorised user to prescribed partitions or zones of the storage device.

Brief Description of the Drawings 

The invention will be better understood in the light of the following description of one specific embodiment thereof. The description is made with reference to the following drawings, wherein:-

Figure 1 is a schematic box diagram of a typical computer system showing the physical location of the security device relative to the host CPU, main bus, interface logic and various peripheral devices;

Figure 2 is a schematic box diagram of the security device itself showing its 
general functional make-up; 

Figure 3 is a flow chart showing the start up sequence of a normal computer that is not equipped with the security device;

Figures 4A and 4B are flow charts showing the start up sequence of a computer system equipped with the security device;

Figure 5 is a flow chart showing the various states of operation of the security 
device from power on; 

Figure 6 is a flow chart showing the various processes performed by the authentication application program;

Figure 7A shows the graphical specification format of the general login graphical user interface (GUI) screen;

Figure 7B shows the graphical specification format of the normal user type login GUI screen;




Figure 7C shows the graphical specification format of the administrator type login 
GUI screen; 

Figure 7D shows the graphical specification format of the administrator's user edit GUI screen; and

Figure 7E shows the specification format for the administrator's access edit GUI screen.

Best Mode(s) for Carrying Out the Invention 

The embodiment is directed towards a personal computer (PC) system incorporating a security device for protecting a storage media of the computer system, which in the case of a PC may be one or more storage devices generally in the form of a hard disk drive (HDD).

As shown in Figure 1 of the drawings, the computer system 11 generally comprises a central processing unit (CPU) 13 and a plurality of peripheral devices, which are connected via a main CPU address and data bus 15. The peripheral devices include a monitor 17, a keyboard 19 and one or more storage devices 21. In the present embodiment, the storage devices 21 communicate according to the ATA (AT attachment) standard and thus require an ATA channel to be provided between them and the remainder of the computer system 11.

These peripheral devices are connected to the main CPU bus 15 via appropriate interface logic 23, 27 and 31, each comprising decode logic and device I/O (input/output). The interface logic is characterised to allow communication between the CPU 13 and the particular peripheral device.

In the case of the monitor 17, the interface logic 23 therefor is integrated with a video adapter and is connected via a standard video cable 25 to the monitor; in the case of the keyboard 19, the interface logic 27 therefor is integrated with a keyboard port and is connected via an appropriate keyboard cable 29 to the keyboard; and in the case of the storage device(s) 21, the interface logic 31 therefor is integrated with an ATA adapter and is connected via an ATA cable 33 to the storage device(s) to provide the ATA channel.

The security device 35 of the present embodiment is physically interposed inline with the ATA cable 33 between the ATA adapter provided on the device interface logic 31 and the storage devices 21. The ATA standard supports most types of storage device, including hard disk drives, CD-ROMs (which actually adopt the ATA/ATAPI enhancement to the ATA standard), flash memory, floppy drives, zip drives and tape drives.

Under the ATA standard, two discrete storage devices may be controlled via the single interface logic 31 and ATA cable 33. Hence reference will be made hereinafter to "storage media", which will comprise either one or two storage devices, and will be used interchangeably with "storage device".

In the case of PCs, the main type of storage device is the HDD. Most HDDs conform to the IDE (Integrated Drive Electronics) hard drive standard or the EIDE (Enhanced IDE) hard drive standard, whereby the controller for the disk drive is located on the HDD itself as opposed to being directly connected to the motherboard of the PC.

Although not shown in the drawings, other embodiments of the computer system may involve storage devices connected to the main computer system via a SCSI (Small Computer Systems Interface) standard, which has its own corresponding interface logic. Accordingly, in the case of storage devices connected to the PC in this manner, the security device 35 would similarly be interposed between the SCSI drive device and the interface logic thereof.

As shown in Figure 2 of the drawings, the security device 35 generally comprises a CPU 37, RAM (random access memory) 39, flash ROM (read only memory) 41 and bus control and interface logic 43, which in the present embodiment is adapted to the ATA standard for the purposes of protecting the ATA storage device 21. The bus control and interface logic is typically embodied in FPGA (Field Programmable Gate Array) and/or ASIC (Application Specific Integrated Circuit) devices that are connected so as to intercept and permit control of all communications between the host CPU 13 and the disk storage devices 21 under the control of the security device CPU 37.

The security device 35 also Includes a secure media interface 45 that allows a 
5 separate secure storage media 47 to be connected to the security device via a 
custom interface 49. 

The security device CPU 37 operates according to a prescribed application 
program stored in the flash ROM 41 and which is loaded into the RAM 39 on start 
up and becomes the operating system for the security device. The CPU 37 

10 communicates with the bus control and interface logic 43, which is interposed in 
line with the ATA cable 33 to intercept communications between the host CPU 13 
and the storage media 21. The secure media Interface 45 is interposed between 
the bus control and interface logic 43 and the custom interface 49 to facilitate 
communications between the host CPU 13 and the secure storage media 47 

15 under the control of the CPU 37. This aspect of the operation of the security 
device is the subject of a separate invention and will not be further described 
herein. 

The functionality of the application program stored in flash ROM 41 and the
operation of the security device 35 will now be described with reference to the
remaining drawings.

The application program stored in flash ROM 41 for the security device 35 is
generally designed to intercept and control the computer system's boot process
and provide authentication by means of a login ID and password before access to
the protected storage media is permitted. Accordingly, the location of the security
device 35 between the host CPU 13 and the storage media 21 is specifically chosen
so that the security device is able to filter all requests for information and
data flowing to and from the storage media. The security device 35 forwards
these requests to the storage media as appropriate, based on predetermined user
profiles that are set up by a user having an administrator profile, which profiles are
stored within the security device itself. These profiles are based on access to
different partitions and/or files within the storage media. Thus the designated
administrator can set up data protection on a partition-by-partition and/or file-by-
file basis in a manner that will be described in more detail later.

In order to fully understand the operation of the security device, an appreciation is
required of the normal boot process followed by a standard computer system.
This boot process will now be described with reference to Figure 3 of the
drawings.

As shown in Figure 3, the normal start-up sequence followed by a PC commences
as indicated at step 51 with power on shown at 53. This is also known as a "cold"
boot, whereby all left-over data in the host CPU's internal registers and in
RAM is cleared and the program counter of the CPU is set to the starting
address of the boot process. This address is the beginning of a boot
program stored permanently in the ROM BIOS (Basic Input Output System).

The next step 55 involves the CPU using the address to find and invoke the ROM
BIOS boot program. The ROM BIOS program goes through an initialisation phase
that includes setting up hardware and software interrupt vectors and invoking a
series of system checks known as power-on self-tests (POSTs), as represented by
step 57.

The POST process involves a series of tests to ensure that the RAM of the PC is
functioning properly. It then conducts another series of tests, which instruct the
host CPU to check that the various peripheral devices, such as the video card and
monitor 17, keyboard 19 and storage media 21, are present and functioning
properly.

On completing the POST, the BIOS then looks, at step 59, for the addresses of
BIOS extensions held in the ROMs of peripheral devices to see if any of them
have an extended BIOS to run.

The first of these BIOS extensions is associated with the video card. This BIOS
extension initialises the video card to operate the monitor, as shown at step 61.
Upon completing initialisation of the video card, the BIOS then proceeds at step
63 to run other BIOS extensions for those peripheral devices that have them.

The BIOS then proceeds to display the start-up screen at step 65, before
conducting further tests on the system at step 67, including the memory test,
which is displayed on the screen.

The BIOS then performs a "system inventory" or equipment check to determine
what type of peripheral hardware is connected to the system at step 69. With
respect to HDD storage media, the BIOS program causes the host CPU to
interrogate the HDD, requesting details such as the drive standard (ATA or SCSI),
which level of the standard it supports (e.g. whether it is the old ATA 1-3 standard
or the new ATA 6 standard), the number of cylinders/heads/sectors, and whether it
is capable of running in other modes. This stage of interrogation of the HDD is
known as "drive ID".

The BIOS then proceeds to configure "logical" devices, such as Plug and Play
devices, at step 71 and displays a message on the screen for each one it finds.

The summary screen is then displayed at step 73, indicating the configuration of
the computer system. The BIOS then checks the specified boot sequence at
step 75, which sets the order of priority in which the storage media are checked for
a valid boot sector from which the operating system of the computer may be
loaded. The normal order is to check the floppy disk drive (A:), then
the hard disk (C:) or vice versa, or the CD-ROM drive.

Having identified the order of priority, the BIOS causes the CPU at step 77 to look
for boot information in each drive in sequence until a valid boot sector is located.

The BIOS undertakes this process by invoking the software interrupt "int 19h"
at step 79, the address of the particular peripheral device being held in the
software interrupt vector table that is set up during the initialisation phase of the
BIOS.
For example, if the target boot drive is the HDD, the CPU looks for a master boot
record or boot sector at cylinder 0, head 0, sector 1 (the first sector on the disk), at
the address of the device specified in the table. If it is searching a floppy disk, it
obtains the address of the floppy disk drive from the table and looks for a volume
boot sector at the same location on the floppy disk.

A valid boot sector is determined by the CPU checking the boot signature (the
"ID bytes"), which for a PC boot sector is the two-byte value 0x55 0xAA occupying
the last two bytes (offsets 510 and 511) of the 512-byte sector. If the
signature signifies that a boot sector is present, the CPU then proceeds with
loading the boot sector at step 81 into RAM and executes or runs the boot loader
at step 83 for loading the various operating system files.

In the case of the DOS operating system, the hidden files MSDOS.SYS, IO.SYS
and COMMAND.COM are loaded and executed, and then the files CONFIG.SYS
and AUTOEXEC.BAT are loaded and run to complete configuration of the
computer system, allowing appropriate application programs to be initiated for
subsequent operation of the computer system.
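As an added illustration (not part of the patent specification), the following
Python performs the boot sector check described above and reads the MBR
partition table that follows the boot code. It is included here because the
partition-by-partition access profiles described later can only be enforced on the
ATA channel if the device knows which sector ranges belong to which partition.
The sample MBR is constructed inline, and the function names are the example's
own, not anything the patent defines.

```python
import struct

SECTOR_SIZE = 512
SIGNATURE_OFFSET = 510           # the 0x55 0xAA signature sits in the LAST two bytes
BOOT_SIGNATURE = b"\x55\xAA"
TABLE_OFFSET = 446               # four 16-byte partition entries follow the boot code
ENTRY_FORMAT = "<B3sB3sII"       # status, CHS start, type, CHS end, LBA start, sector count


def is_valid_boot_sector(sector: bytes) -> bool:
    """The signature check of step 77: exactly 512 bytes ending in 0x55 0xAA."""
    return len(sector) == SECTOR_SIZE and sector[SIGNATURE_OFFSET:] == BOOT_SIGNATURE


def parse_partition_table(sector: bytes):
    """Return the non-empty MBR entries with their absolute LBA ranges."""
    if not is_valid_boot_sector(sector):
        raise ValueError("not a valid boot sector")
    table = []
    for i in range(4):
        status, _chs0, ptype, _chs1, start, count = struct.unpack_from(
            ENTRY_FORMAT, sector, TABLE_OFFSET + 16 * i)
        if ptype == 0 or count == 0:          # empty slot
            continue
        table.append({"index": i, "bootable": status == 0x80, "type": ptype,
                      "first_lba": start, "last_lba": start + count - 1})
    return table


def partition_for_lba(table, lba: int):
    """Index of the partition containing `lba`, or None (MBR, gaps, beyond the table)."""
    for part in table:
        if part["first_lba"] <= lba <= part["last_lba"]:
            return part["index"]
    return None


def build_sample_mbr() -> bytes:
    """Constructed sample: dummy boot code plus two FAT32 (0x0B) partitions, C: and D:."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:3] = b"\xEB\x3C\x90"            # typical jump at the start of boot code
    entries = [(0x80, 0x0B, 63, 1_024_000),          # C:, bootable, LBA 63..1_024_062
               (0x00, 0x0B, 1_024_063, 2_048_000)]   # D:, LBA 1_024_063..3_072_062
    for i, (status, ptype, start, count) in enumerate(entries):
        struct.pack_into(ENTRY_FORMAT, sector, TABLE_OFFSET + 16 * i,
                         status, b"\0\0\0", ptype, b"\0\0\0", start, count)
    sector[SIGNATURE_OFFSET:] = BOOT_SIGNATURE
    return bytes(sector)
```

A sector that merely begins with 0x55 0xAA is not a boot sector; the signature
must be at the end, which is why the check above slices from offset 510 rather
than testing the first two bytes.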

In the case of the present embodiment incorporating the security device 35, the
security device is programmed to block all access by the host CPU 13 to the
protected storage media 21 by intercepting the boot process at an early stage
during operation of the BIOS. In addition, the security device provides for a
custom boot sector to be loaded into the RAM of the host CPU 13, which then
executes an authentication application program requiring correct user
authentication before allowing the computer system to proceed with its normal
boot sector operation and operating system loading. Since the latter operations
require access to the protected storage media 21, this methodology ensures that
such access is undertaken only after the supervisory control of the security device
35 has been established on a user-by-user basis.

This manner of operation of the security device 35 is best explained in conjunction
with Figures 4A, 4B and 5 of the drawings, which outline the operation of the
computer system start-up sequence with the security device installed in the
manner previously described.
In this arrangement, the cold boot process of the computer system 11
commences with the start and power on steps 51 and 53, as in the case of the
normal computer start-up sequence. At power on, however, the security device
35, which is separately powered, undergoes its own initialisation phase
commencing with the start step 100, whereupon all of its onboard resources are
initialised at step 101 and its operating system program is loaded and run to enter
its first phase of operation, as shown at step 102. The initialisation phase of the
security device 35 should proceed far more quickly than it takes the BIOS of the
computer system 11 to initialise, due to the reduced overheads of the security
device as compared with those of the computer system. Accordingly, the
operating system program stored in flash ROM 41 immediately invokes the
security device CPU 37 at step 103 to control the bus control and interface logic
43 and intercept all communications from the host CPU 13 to the storage media
along the ATA channel, so that no communications are allowed between the host
and the protected storage media 21 along the ATA cable at all during this time.
Prior to this time the bus control and interface logic 43 is not configured, and so no
access to the storage media along the ATA cable is available before or during the
initialisation phase of the security device in any event.

The security device CPU 37 then places a "drive busy" signal on the ATA channel
to inform the host CPU 13 of the status of the storage media 21 and proceeds
with requesting the "drive ID" from the storage media, as shown at step 104.

The operations of the security device 35 during this time occur quite
independently of the BIOS, which proceeds with performing steps 55
through to 69 in accordance with its normal operation, until the "drive ID" check is
performed by it at step 69.

During steps 55 to 69, the security device 35 continues to block all data
communications between the host CPU 13, or any other external device, and the
storage media 21. During this "drive busy" phase, the CPU 37 of the security
device 35 is in a state waiting for the "drive ID" information from the storage
device. Once the security device CPU 37 receives the "drive ID" information from
the storage media 21, the CPU 37 stores this in its RAM 39 and asserts a "drive
ready" signal on the ATA channel to indicate to the host CPU 13 that the storage
media 21 is ready to provide the "drive ID".

Whether the host CPU 13 has already reached the "drive ID" stage 69 and has been
polling the drive interface logic 31 during the "drive busy" phase for less than the
requisite time-out period, or, more usually, the BIOS reaches the "drive
ID" stage at step 69 only after the security device CPU 37 has signalled "drive
ready" on the ATA channel, the host CPU 13 then issues a request for the "drive
ID" to the drive interface logic 31.

Once this request is made at step 69, the security device CPU 37 intercepts the
request at 105, continuing to block access to the storage media 21, and provides
the host CPU 13 with the "drive ID" of the HDD(s) at step 106.

The BIOS allows a thirty-one second period for the HDD to respond with the
"drive ID" information describing it. Accordingly, if the security device CPU
37 is not able to provide the "drive ID" information within this time, measured from
the time that the BIOS reaches the "drive ID" equipment check stage 69, for whatever
reason, then the BIOS will indicate that the storage media 21 at that location is not
functional and bypass it. As the security device 35 is expected to be well and truly
initialised and operational by this time, such a delay would generally indicate
that there is indeed a problem with the protected HDD(s).

After supplying the host CPU 13 with the "drive ID", the security device 35
advances to its next state, still blocking data communications between the host
CPU 13 and the protected storage media 21, whilst the BIOS program proceeds
with its normal boot-up procedure at steps 71 through to 81, until it arrives at step
81 involving loading of a valid boot sector.

During this state, the CPU 37 of the security device 35 waits for a boot sector
request from the host CPU 13 to the drive interface logic 31. On receiving the
BIOS request, instead of loading the boot sector stored on the protected storage
device, the security device supplies a "custom" boot sector stored on its own flash
ROM 41 to the host CPU, as indicated by step 107. The CPU 13 then runs the
boot loader according to the custom boot sector, which causes a prescribed
authentication application program stored within the flash ROM 41 to be loaded at
step 109 and then executed at step 111.

In the present embodiment the valid boot sector must be that which is stored on
the protected storage media 21; otherwise the security device 35 never advances
beyond its blocking state. Such an arrangement preserves the integrity of the
security of the system by not allowing any external operating system, other than
that which is provided on the protected storage media 21, to take control of the
host CPU 13 for the purposes of communicating with data stored on the protected
storage media 21.

Thus, in the normal operation of the computer system, where the BIOS targets the
protected storage media 21 for the purposes of locating and loading the boot
sector, the BIOS causes the host CPU 13 to request the boot sector from the
protected storage media 21.

The authentication application program essentially comprises a prescribed login
application that only allows an authenticated user to continue with operation of the
computer system 11. A user that cannot be authenticated by the prescribed
login application cannot continue to use the computer system. The detailed
operation of the login application will be described in more detail later, but for the
purpose of describing the system start-up sequence it will be described in general
terms.

The login application requires the user to enter a valid login name and
password for the computer system to progress beyond the initial login stage. The
login application in the present embodiment is designed to allow only three
attempts at entering the correct login name and password. It should be
appreciated that in other embodiments the number of login attempts that may be
allowed can be different, and in extreme security applications may be limited to
just one attempt. If the correct login name and password are not entered by the
third attempt, the application program invokes a system halt (wherein the system
hangs or loops indefinitely), which requires the entire cold boot process to be
repeated.

Valid login names and the passwords associated therewith for all users permitted
access to the storage media 21 are stored in the flash ROM 41 of the security
device 35. Accordingly, various communications proceed during this login phase
between the host CPU 13, under the control of the authentication application program,
and the security device CPU 37, as shown at 112.

If the login is successful, as represented by step 113, the authentication
application program proceeds in a manner to be described in more detail later.

With respect to the security device 35, once the user has been authenticated, the
data access profile previously stored for that particular user in the flash ROM 41 is
set at 114 to determine the protocol of operation between the authentication
application program and the operating system of the security device thereafter.
During this phase of operation, the security device CPU 37 passes details of the
data access profile of the particular user to the host CPU 13 for display.
Depending upon the access level of the user, login and password
information as well as data access profile information of other users having
access to the storage media 21 may also be passed over to the host CPU for display and
possible editing under the authentication application program.

This phase of operation continues until the user invokes an "allow boot" process
at step 115. Setting this status causes the security device 35 to enter the second
phase of its operation at step 117. At this stage, the operating system being run
by the security device CPU 37 configures the security device 35 to set the data
access profile of the authenticated user at step 119, which profile is thereafter
enforced for determining the host CPU 13 access to the protected data storage
media 21.

The operating system of the security device 35 then signals the authentication
application program run by the host CPU 13 at 120 that the security device bus
control and interface logic 43 is configured to adopt the data access profile of the
user, whereupon the application program at 121 issues the software interrupt
vector to the host CPU 13 invoking a "warm boot". The appropriate soft boot
vector is then loaded and the host CPU 13 causes a soft system restart or warm
boot at step 85.

During the software reset, the security device 35 then enters a waiting state for
the boot sector request, as indicated at 123, whilst enforcing the data access
profile for all data communications between the host CPU 13 and the protected
storage media 21, as shown at 125. Importantly, whilst the computer system 11 is
undergoing the system reset, the security device 35 remains active and fully
operational throughout.

A software reset or "warm boot" invokes a special subroutine of the BIOS program
that performs an abbreviated start-up sequence. Essentially, steps 51
to 63 are bypassed and the BIOS program resumes operation at about step
65.

At step 69, which invokes the equipment check involving the "drive ID" with
respect to the HDD, the operating system of the security device 35 no longer
intercepts the request from the host CPU 13 to the protected storage media 21, as
long as access to the HDD of the storage media conforms with the
particular user data access profile that has been set by the operation of the
security device 35 during the first phase of its operation. Such access will be
permitted in most cases, unless the administrator has specifically barred the
authenticated user from HDD access.

Thus, the security device 35 allows the HDD of the storage media 21 to respond
directly to the request with the "drive ID", whereupon the host CPU 13 advances
the BIOS program through steps 71 to 81, in accordance with the normal boot-up
sequence of the BIOS.

Importantly, the initial part of the data access profile enforcement process involves
the operating system of the security device 35 blocking access to the protected
storage media 21 until a valid BIOS boot sector request is detected from the host
CPU 13 via the ATA cable 33. The security device CPU 37 rejects all
other commands to the protected storage media during step 125.

On the BIOS requesting a boot sector from the particular HDD of the protected
storage media 21, the bus control and interface logic 43 of the security device
allows the request to proceed.

On the BIOS receiving a valid signature from the storage media, the host CPU 13
then proceeds with loading the prescribed boot sector from the storage media 21
at step 81 and runs the boot loader to load the operating system
from the storage media 21 at step 83, in accordance with the normal operation of
the computer system.

Following receipt of a valid BIOS request for the boot sector on the storage media
21, the security device 35 then adopts a monitoring state over all media channel
activity along the ATA cable 33 and configures the bus control and interface logic
43 of the security device according to the set data access profile of the
authenticated user, as indicated at 127. Accordingly, the security device 35 only
allows or disallows access to the relevant partitions and files within the storage media
21 in conformance with the set user data access profile, whereby data that the
user is not permitted to access cannot be accessed by the user or by any virus,
errant application program or unauthorised access.

The security device 35 maintains this monitoring or supervisory state until the
computer system 11 is shut down and powered off. Once power is switched off to
the security device, all dynamic memory is erased and access to the storage
media is barred until the device is powered up and initialised again.

Now having described the overall operation of the security device 35, the
authentication application program will be described in more detail with
respect to the flow chart shown in Figure 6 and the GUI screen graphical
specification formats shown in Figures 7A through to 7E.

The user authentication application program, on being loaded by the boot loader
at step 109 and run by the host CPU at step 111, commences at 130 and initially
causes a user login screen to be displayed at step 131, the graphical specification
for which is shown at Figure 7A of the drawings. The screen 132 is divided into a
heading frame 133, a login frame 135 and a message/log frame 137.

The heading frame 133 has provision for the product trade mark at 139, the
version number at 141, the screen name at 143 and provision for display of legal
warning notices at 145.

The login frame 135 includes banners for the text "user:" at 147 and the text
"password:" at 149, with frames for respectively entering the user identification or
"user ID" at 151 and the user password at 153. The message/log frame
comprises a banner for displaying the text "messages" at 157 and a message
frame 159, which displays status messages issued by the security device to the
authentication application program as a scrollable list. A login button 155 is also
provided in order for the user to invoke the processing of the user and password
entries for authentication purposes by the security device.

Whilst the screen 132 is displayed, the application program waits for the login ID
and password to be entered, as shown at step 160. Activating the login button 155
causes the authentication application program to invoke a process at 161 whereby
the host CPU 13 passes the login details entered on the screen to the security
device 35, whereupon the operating system of the security device causes the
security device CPU 37 to compare the received login information with the stored
login information held in the flash ROM 41. Depending upon whether there is
a valid match between the user and password information entered via the login
screen and the stored user and password information, the security device CPU 37
returns either a valid or an invalid authentication signal to the host CPU 13.

In the case of there being a valid authentication, as shown at 162, the CPU 37 also
provides additional information concerning the user type and associated device
information, depending upon the stored data access profile of the particular user.
In the case of there being an invalid authentication, a counter is
incremented to record that an unsuccessful attempt at
authentication has been made and an appropriate message is displayed to the
user on the message/log frame 137, indicating the failed status of the
authentication attempt, as shown at 163. As previously described, on three
unsuccessful authentication attempts, as shown at 164, the authentication
application program causes a shutdown interrupt vector to be invoked by the host
CPU 13 at 165, resulting in a complete shutdown of the computer system 11
requiring a cold boot to restart the system.

On valid authentication, the authentication application program then proceeds at
166 with displaying one of two types of login screen, depending upon the
user type. In the present embodiment, there are two user types, one being a
normal user, for which the screen shown by the graphical specification at
Figure 7B is displayed at step 167, and the other being an administrator, for which
the screen represented by the graphical specification at Figure 7C is displayed at
step 168.

The graphical specification for the normal user GUI screen 169 is generally
divided into a heading frame 170, a login details frame 171, a device details frame
172 and a message/log frame 173. The screen also includes a launch system
button 174 that will be further described.

The heading frame 170 is essentially the same as the heading frame 133 for the
general login screen, where the same reference numerals have been used to
identify corresponding attributes of the frame. In this case, however, the screen
title is modified to indicate that it is a user type login screen, as shown at 143 of
the drawings.

The login details frame 171 is similar to the login frame 135 of the preceding
screen and accordingly the same reference numerals have been used to identify
corresponding attributes of the frame. The login details frame, however, includes
a user ID display frame 175 to display the user ID, as opposed to an entry frame in
the preceding screen. The login details frame also includes a new password
accept button 176, which is used in conjunction with the password entry frame
153 to permit the user to change their password. Accordingly, activating the new
password button 176 invokes a process within the authentication application
program involving communication between the host CPU 13 and the security
device CPU 37 to cause a change to the password stored within the flash ROM
41 of the security device for the particular user, as shown at 177. A standard
routine involving confirmation of the new password is adopted before the
password change is completed.

The device details frame 172 includes a title banner 178, which displays the text
"device information", as well as two further sub-banners displaying the text
"master" at 179 and "slave" at 181. These sub-banners head regions for
displaying information about the prescribed device or devices that are protected
by the security device 35. In the present embodiment, up to two storage devices
are allowed, which is normal under the ATA standard, one being denoted the
"master" device and the other being denoted the "slave" device. The respective
regions detailing the device information include three further sub-level banners for
displaying the text "device" at 183, "access" at 185 and "size MB" at 187. Display
frames 189 for each sub-banner are respectively provided below the device,
access and size banners for listing the device details that the user is permitted to
observe on the master and/or slave device, as set by the administrator.

For each observable device, the list displays:

• the device number;
• its access type for the user; and
• the device size in MB (megabytes).

The access type lists one of five possible designations:

• read only, which is displayed in red text;
• read/write, which is displayed in green text;
• invisible, which is displayed in yellow text;
• read directory entry, which is displayed in grey text; and
• delete, which is displayed in blue text.

The message/log frame 173 includes a title banner 157 for displaying the text
"messages" and a display frame 159, which displays status messages provided
by the security device as a scrollable list, similar to the preceding screen.

In the case of the user, the device information is only provided for display
purposes and cannot be changed.

Now explaining the methodology behind the listings contained in the display
frames 189 and the action provided thereby in more detail: in the present
embodiment, the protected storage device is divided into zones or partitions that
have different access level permissions depending upon the determination of the
administrator. These partitions can be created in a known manner and are
represented as separate devices for each type of storage device. For example,
these partitions may comprise C:, D:, E: and F:. Thus, each user can have one of
five types of access to these partitions, namely read only, read/write, invisible,
read directory entry and delete.

Read only access means that the user can access all of the files existing in the
designated partition, but can only read the file contents. The user has no write or
delete permissions with respect to the files in that partition.

Read/write access means that the user can access all of the files existing in the
designated partition and perform both read and write functions with respect to the
file contents, but has no delete permissions with respect to those files.

Invisible access means that none of the files within the designated partition are
accessible to the user in any form and are hidden, even to the extent that no file
details can be listed or be visible at all in any directory listing of files for that
partition available to the user.

Read directory entry access means that the user may list file details
such as names and attributes in any directory listing of files in the designated
partition, but the user has no read, write or delete permissions in relation to any of
the files in that partition.

Delete access is the highest level of access to any files within a designated
partition, whereby the user not only has full read and write permissions, but also
delete permissions in relation to all of the files in that partition.
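The following Python model is an added example, not the patent's firmware, and it
serves two passages: the two-phase start-up sequence described earlier (drive
busy, cached drive ID, custom boot sector, login with a three-attempt limit, "allow
boot", warm boot, and the monitoring state) and the access types defined just
above. It treats the protected storage media as a set of LBA ranges, one per
partition, which is what an in-line ATA filter can see; of the five access types only
read only, read/write and invisible can be enforced on raw sector commands without
file-system awareness, so read directory entry and delete are left out. The command
names, the `SecurityDevice` class and its method names are hypothetical; the
constant-time password comparison is an addition (the page only says the values are
compared, and stores passwords in flash ROM as entered), and rejecting sectors
outside any profiled partition is an assumption chosen to fail closed.

```python
import hmac
from enum import Enum, auto

# Access types from the page that an in-line sector filter can enforce on its own.
# "read directory entry" and "delete" need file-system awareness and are left out.
READ_ONLY, READ_WRITE, INVISIBLE = "read only", "read/write", "invisible"
MAX_ATTEMPTS = 3  # the page's embodiment allows three login attempts


class Phase(Enum):
    BLOCKING = auto()     # device initialising: nothing reaches the drive (step 103)
    DRIVE_ID = auto()     # drive ID cached; host may ask for it (steps 104-106)
    CUSTOM_BOOT = auto()  # boot-sector request answered from flash ROM (step 107)
    LOGIN = auto()        # authentication program running; drive still blocked (112)
    AWAIT_BOOT = auto()   # warm boot: only drive ID and boot-sector read pass (123/125)
    MONITOR = auto()      # data access profile enforced on every command (127)


class SecurityDevice:
    """Model of the interposed ATA filter (hypothetical API, not the patent's firmware)."""

    def __init__(self, drive_id, custom_boot, partitions, users):
        self.drive_id = drive_id        # IDENTIFY data captured from the real drive
        self.custom_boot = custom_boot  # 512-byte boot sector held in flash ROM
        self.partitions = partitions    # name -> (first_lba, last_lba)
        self.users = users              # user -> (password, {partition: access type})
        self.phase = Phase.BLOCKING
        self.profile = None
        self.failures = 0
        self.halted = False

    def drive_ready(self):
        """Step 104: drive ID obtained from the drive; 'drive ready' asserted to the host."""
        self.phase = Phase.DRIVE_ID

    def login(self, user, password):
        """Steps 161-165: check credentials passed by the host; halt after too many failures."""
        if self.phase is not Phase.LOGIN or self.halted:
            return False
        stored = self.users.get(user)
        # Constant-time compare is an addition; the page only says the values are compared.
        if stored and hmac.compare_digest(stored[0].encode(), password.encode()):
            self.profile = stored[1]
            return True
        self.failures += 1
        if self.failures >= MAX_ATTEMPTS:  # system halt; a cold boot is needed to retry
            self.halted = True
        return False

    def allow_boot(self):
        """Steps 115-119: 'allow boot' enters the second phase with the user's profile set."""
        if self.profile is None or self.halted:
            return False
        self.phase = Phase.AWAIT_BOOT
        return True

    def handle(self, cmd, lba=None):
        """Decide the fate of one host command: returns (verdict, payload)."""
        if self.phase is Phase.BLOCKING or self.halted:
            return ("busy", None)
        if cmd == "IDENTIFY":
            if self.phase is Phase.DRIVE_ID:  # answered from RAM; the drive stays blocked
                self.phase = Phase.CUSTOM_BOOT
                return ("answered", self.drive_id)
            if self.phase in (Phase.AWAIT_BOOT, Phase.MONITOR):
                return ("forwarded", None)    # the drive answers directly this time
            return ("rejected", "not permitted in this phase")
        if cmd == "READ" and lba == 0:
            if self.phase is Phase.CUSTOM_BOOT:
                self.phase = Phase.LOGIN
                return ("answered", self.custom_boot)
            if self.phase is Phase.AWAIT_BOOT:  # the valid boot-sector request
                self.phase = Phase.MONITOR
                return ("forwarded", None)
        if self.phase is Phase.MONITOR:
            return self._enforce(cmd, lba)
        return ("rejected", "storage media blocked")

    def _enforce(self, cmd, lba):
        """Second phase: map the LBA to a partition and apply the user's access type."""
        for name, (first, last) in self.partitions.items():
            if first <= lba <= last:
                access = self.profile.get(name, INVISIBLE)  # unlisted partition: hidden
                if access == INVISIBLE:
                    return ("rejected", f"{name} is invisible to this user")
                if cmd == "WRITE" and access == READ_ONLY:
                    return ("rejected", f"{name} is read only")
                if cmd in ("READ", "WRITE"):
                    return ("forwarded", None)
                return ("rejected", f"unsupported command {cmd}")
        if cmd == "READ" and lba == 0:
            return ("forwarded", None)  # the boot sector itself stays readable
        return ("rejected", "sector outside any profiled partition")  # fail closed
```

Two points a practitioner would check against this model: the filter never lets
the host reach the drive before the real drive ID has been cached, so a host that
races the device only sees "busy"; and because the profile is keyed on sector
ranges, a partition marked invisible is unreadable to the operating system itself,
not merely hidden in a directory listing. Storing credentials as salted hashes
rather than as entered would be the usual hardening of the comparison step.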

When the user is ready to continue on with operation of the computer system 1 1 , 
the launch system button 174 is activated as shown at 190, whereupon the 
authentication application program sends a signal to the security device 35 to set 
the "allow boof status therein as by step 191. Setting the "allow boof status 
10 invoices the commencement of the second phase of operation of the security 
device 35, as shown at step 117, allowing the system start up sequence to 
continue with the authenticiation application issuing a "wami boof intenrupt vector 
as step 120 in the manner as previously described. This halts the operation of the 
user authentication application pnDgram. 

In the case of the user type being an administrator, the administrator screen as 
represented by the graphical specification shown in Figure 7C is displayed to the 
user on the monitor via the authentication application program at step 168. The 
administrator type screen 192 is substantially similar to the user type screen and 
so the same reference numerals have been used to identify corresponding 
attributes between the two screens. Accordingly, the administrator type screen is 
divided into a similar heading frame 193, login details 195, device details frame 
197 and a message/log frame 199. 

With respect to the banner title 143 of the heading frame 193, the text is altered to 
indicate that the screen is for the administrator type login. 

The device details frame 197 and the message/log frame 199 are substantially 
identical to the corresponding attributes of the user type screen and will not be 
described further. The launch system button 174 functions in an identical manner 
to the launch system button of the preceding screen, whereby activation of the 
same as shown at 200 invokes the commencement of the second phase of 
operation of the security device 135 as previously described. 

With the login details frame 195, the same facility for changing the password of 
the administrator is provided as shown at step 201, with a similar entry frame 153 
and accept new password button 176, as in the case of the user type login. 
However, the login details frame also includes an edit users button 202, activation 
of which invokes an editing process within the authentication application program 
as shown at 203, allowing the administrator to create and edit data access profiles 
for individual users, so as to determine their data access profile for permitted 
access to the storage media 21. Activation of the button 201 causes the 
authentication application program to display at 204 an administrator editing 
screen to the user, the graphical specification of which is shown at Figure 7D of 
the drawings. 

The administrator users edit screen 205 is divided into a heading frame 206, an 
edit user details frame 207, a message/log frame 209 and a return to admin login 
button 211. The heading frame 206, apart from having an appropriately worded 
title banner 143 denoting the screen as being an administrator edit users screen is 
identical to previous heading frames. Similarly, the message/log frame 209 is 
substantially identical to the message/log frame with the preceding screens. Thus 
the same reference numerals have been used to identify corresponding attributes 
of each of these screens. 

With respect to the edit users details frame 207, this comprises a title banner 
depicting the text "user list" as shown at 213 and sub-title banners depicting the 
text "user" at 215, "password" at 217 and "access" at 219. An editable frame 221 
is provided below the sub-banners in which is displayed a scrollable and editable 
list of all users having access to the protected storage media 21. This list is 
derived from data stored within the flash ROM 41 of the storage device arising 
from communications between the host CPU 13, under the control of the 
authentication application program, and the security device CPU 37, under the 
control of the operating system thereof. 
Each user entry in the list contains: 

• the user ID; 

• password; and 

• access button; 

under the respective sub-title banners 215, 217 and 219. 

Upon pressing the access button for a particular user, the access edit screen will 
appear for that user. The administrator editing process allows a user to be 
deleted by the administrator through the edit frame 221 by selecting their entry 
and pressing the ALT-d key sequence on the keyboard. 

A create new user button 223 is also included within the edit user details frame 
207 for creating a new user. Activation of the button 223 invokes a prescribed 
process within the authentication application program as shown at 224. This 
process causes a dialogue box to be displayed over the administrator edit users 
screen 205 providing for frames for entering the user ID and password, and an 
accept button, whereupon activation of which causes the user and password to be 
displayed in the edit frame 221 as shown at 225. Each new user has an initial 
default data access profile, which sets up all partition devices as hidden, until 
such time as the administrator edits the data access profile for the user using the 
access edit screen. The administrator accesses this screen by activating the 
corresponding access button as shown at 226 for the user requiring editing in the 
edit frame 221. 

The return to admin login button 211 is provided to allow the administrator to 
return to the administrator type login screen 191 from the administrator edit users 
screen 205 as shown at 227. 

Activating the access button beneath the sub-title banner 219 alongside any user 
listed in the user list of the edit user details frame 207 causes the authentication 
application program to display at step 228 the administrator access edit screen, 
the graphical specification of which is shown in Figure 7E of the drawings. The 
administrator access edit screen 229 is divided into a heading frame 230 and an 
edit access details frame 231, a message/log frame 232 and a return to admin 
user text edit screen button 233. 

The heading frame 230 is the same as in preceding screens except that the title 
banner is provided with appropriate text to identify that the screen is of the 
administrator access edit type as shown at 235. The message/log frame 232 is 
the same as in preceding screens and accordingly the same reference numerals 
have been used to identify corresponding attributes between the screens. 

The edit access details frame 231 comprises a head banner 235 displaying the 
text "access details", a sub-banner 237 containing the text "user" and a display 
frame 239 adjacent thereto for displaying the user ID of the particular user 
selected from the administrator edit user screen 205. 

The edit access details frame 229 then provides a similar frame set up to the 
device frames of the user type login screen 169 and the administrator type login 
screen 192, whereby banners for the "master" and "slave" storage media 
protected by the security device 35 provided at 179 and 181 and respective sub- 
title banners 183, 185 and 187 detailing the "device", "access" and "size (MB)" 
titles respectively are provided for each device. 

Device detail frames 239 are provided below each of these sub-title banners 
similar to the display frames 189 of the device detail frames 172 and 197 of the 
user login and administrator login screens respectively. The device detail frames 
239, however, are editable, whereas the former two were not. Accordingly, each 
device details frame lists the device number under the sub-title banner 183, the 
access type for the user under the sub-title banner 185 and the device size in MB 
under the size (MB) sub-title banner 187. 

The access type for the user is divided into five types: 

• read only, depicted in red text; 

• read/write, depicted in green text; 

• invisible, depicted in yellow text; 

• read directory entry, depicted in grey text; and 

• delete, depicted in blue text. 

As in the previous case, the device numbers represent each of the partitions that 
are created for the particular storage media device. This, together with the size 
information, is display only, as determined by the information prescribed for the 
particular partition stored within the flash ROM 41 of the security device, whereas 
the access type is editable by highlighting and clicking the displayed entry. In this 
respect, the displayed entries cycle between read only, read/write, invisible, read 
directory entry and delete through the graphical user interface by clicking an 
invisible frame around the displayed text. 

In this manner, the access type for each partition can be individually set and 
edited to create a particular data access profile for the selected user. The 
particular data access profile created for the user is processed by the 
authentication application program and supplied to the security device 35 on 
activating the return to admin user edit screen button 233 as shown at 241. At 
this time, the display data access profile as determined by the administrator is 
communicated to the security device CPU 35 by the host CPU 13 and stored 
within the security device flash ROM 41. 

Simultaneously, the authentication application program returns to displaying the 
administrator edit user screen 205 from which the administrator can select and 
edit the data access profile of other users in the edit list 207. 
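As an added illustration (not the patent's own code), the following Python models the per-partition data access profile described above: the five access types, the default of all partitions hidden for a new user, the click cycle used by the access edit screen, and the check a device in line with the data access channel would apply to each intercepted storage operation. The operation names and the mapping of each access type to list/read/write/delete are assumptions drawn from the descriptions of the access levels on this page.

```python
"""Per-user, per-partition data access profile of the kind described for the
security device.  Added illustration, not the patent's own code: operation
names and the capability matrix are assumptions drawn from the page's wording."""
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum


class AccessType(Enum):
    READ_ONLY = "read only"
    READ_WRITE = "read/write"
    INVISIBLE = "invisible"
    READ_DIRECTORY_ENTRY = "read directory entry"
    DELETE = "delete"


class Operation(Enum):
    LIST = "list"      # show file names/attributes in a directory listing
    READ = "read"
    WRITE = "write"
    DELETE = "delete"


# Capability matrix (assumed from the page's wording of each access level):
# invisible grants nothing; read directory entry grants listing only; read only
# adds reading; read/write adds writing; delete is the highest level and adds
# deletion on top of full read and write.
_ALLOWED: dict[AccessType, frozenset[Operation]] = {
    AccessType.INVISIBLE: frozenset(),
    AccessType.READ_DIRECTORY_ENTRY: frozenset({Operation.LIST}),
    AccessType.READ_ONLY: frozenset({Operation.LIST, Operation.READ}),
    AccessType.READ_WRITE: frozenset(
        {Operation.LIST, Operation.READ, Operation.WRITE}),
    AccessType.DELETE: frozenset(Operation),
}

# Order in which the access edit screen cycles a partition's entry per click.
EDIT_CYCLE = [AccessType.READ_ONLY, AccessType.READ_WRITE, AccessType.INVISIBLE,
              AccessType.READ_DIRECTORY_ENTRY, AccessType.DELETE]


def next_access_type(current: AccessType) -> AccessType:
    """Return the access type that follows `current` in the edit cycle."""
    return EDIT_CYCLE[(EDIT_CYCLE.index(current) + 1) % len(EDIT_CYCLE)]


@dataclass
class DataAccessProfile:
    user_id: str
    partitions: dict[int, AccessType]   # partition (device) number -> access

    @classmethod
    def default_for_new_user(cls, user_id: str, partition_numbers):
        """A new user's initial profile: every partition device hidden."""
        return cls(user_id, {p: AccessType.INVISIBLE for p in partition_numbers})

    def access_for(self, partition: int) -> AccessType:
        # A partition absent from the profile is treated as hidden (fail closed).
        return self.partitions.get(partition, AccessType.INVISIBLE)

    def set_access(self, partition: int, access: AccessType) -> None:
        if partition not in self.partitions:
            raise KeyError(f"unknown partition {partition}")
        self.partitions[partition] = access

    def click_access(self, partition: int) -> AccessType:
        """Emulate clicking the partition's access entry on the edit screen."""
        self.set_access(partition, next_access_type(self.access_for(partition)))
        return self.access_for(partition)

    def permits(self, partition: int, op: Operation) -> bool:
        return op in _ALLOWED[self.access_for(partition)]

    def visible_partitions(self) -> list[int]:
        """Partitions whose files may appear in any directory listing."""
        return sorted(p for p in self.partitions if self.permits(p, Operation.LIST))


def filter_requests(profile: DataAccessProfile, requests):
    """Split intercepted (partition, operation) requests into allowed and denied
    lists, as a device in line with the data access channel would decide them."""
    allowed, denied = [], []
    for partition, op in requests:
        (allowed if profile.permits(partition, op) else denied).append((partition, op))
    return allowed, denied


if __name__ == "__main__":
    # Constructed sample: a master drive with three partitions and one user.
    prof = DataAccessProfile.default_for_new_user("alice", [0, 1, 2])
    prof.set_access(0, AccessType.READ_ONLY)
    prof.set_access(1, AccessType.READ_WRITE)
    ok, no = filter_requests(prof, [(0, Operation.READ), (0, Operation.WRITE),
                                    (1, Operation.DELETE), (2, Operation.LIST)])
    print("allowed:", ok)
    print("denied:", no)
```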

Now having described the function and the various processes performed by the 
computer system and the security device in the specific embodiment, it can be 
seen that the subject invention has several distinguishing and advantageous 
attributes and features compared with known prior art systems. 

In particular it should be appreciated that the security device itself described in the 
specific embodiment is physically disposed and connected solely to the data 
access channel between the computer system and the interface logic 
communicating with the main CPU data and address bus 15 and the storage 
media 21. Importantly, the security device is not connected directly to the main 
bus 15, thereby preventing any opportunity of the device to act as an addressable 
device and be over-ridden by the operation of the host CPU 13. 

Furthermore, being confined to communicating along the data access channel to 
the storage media and the more generic standardisation of such access channels 
compared with main bus structures of computer systems, increases the utility of 
the security device for use with a large number of different types of computer 
systems which may have varying bus structures but utilise the same data access 
channel standard. In this respect, there are only a few common types of data 
access channel, ATA, SCSI, fibre, USB (Universal Serial Bus) etc, whereas the 
diversity and complexity of bus structures are far more widespread. 

Another attribute of the present embodiment is that the security device intercepts 
communication with the protected data storage media at the earliest possible 
stage in the computer start up sequence and is entirely self-contained and 
connected in as part of the computer system. Other types of data storage 
protection devices and anti-virus systems are not entirely self-contained, requiring 
set up by inserting a separate floppy disk, CD ROM, or other way of installing 
software onto the host computer, which is not accessed until well into the BIOS 
program after performance of the "device ID", where the storage device is 
vulnerable to unauthorised access, or even well after the installation of the 
operating system files. In particular, when compared with software protection 
systems, which tend to be the main type of anti-virus protection system being 
promoted at present, the operating system of the computer needs to be loaded 
before the application program can be run, which provides huge openings for 
unauthorised access to the storage device as can be seen from the 
aforementioned description, before any type of protection can be provided by the 
anti-virus application program. 

Another attribute of the described embodiment is the two phase process 
undertaken during the start up sequence of the computer system, whereby the 
BIOS is interrupted at the device ID check stage and an authentication process is 
performed prior to loading of the boot sector from the protected storage device 
and the operating system thereof. Thus, it is only after valid authentication of the 
user starting up the machine for the first time has been undertaken that access to 
the storage device is allowed at which time access is only permitted to the 
protected storage media in accordance with the pre-determined data access 
profile of the particular user. 

It should be also appreciated that the particular configuration of the security 
device 35 provides for extendibility, allowing for other types of storage media 47 to 
be connected thereto via a custom interface 49 and secure media interface 45. 

It should be appreciated that the scope of the present invention is not limited to 
the particular embodiment herein described and that other embodiments of the 
invention may be envisaged without departing from the scope or spirit of the 
present invention. For example, the physical location of the security device may 
not be limited to being interposed intermediately of the cable connecting the 
storage device or media to the interface logic, whereby the security device may 
instead repose directly upon the system card adjacent the interface logic prior to 
the physical cable connector at the computer end, or directly upon the HDD of the 
storage media adjacent to the disk controller after the physical cable connector at 
the HDD end. 
The Claims Defining the Invention are as Follows 

1. A security device for a computer having a host central processing unit (CPU), 
memory used by the host CPU to load programs in order to operate the 
computer and a storage device for storing data to be handled by the 
computer, the security device comprising: 

processing means independent of the host CPU for controlling access 
between the host CPU and the storage device; and 

program memory means independent of the memory of the computer and 
the storage device to unalterably store and provide computer programs for 
operating the processing means in a prescribed manner to control said 
access; 

wherein the security device is to be connected only in line with the data 
access channel between the host CPU and the storage device, and off the 
main data and control bus of the host CPU. 

2. A security device as claimed in claim 1, including memory store means 
independent of the memory means and the storage device of the computer to 
store critical data and control elements associated with the basic operation of 
the computer and access to the storage device. 

3. A security device as claimed in claim 2, wherein said critical data and control 
elements are supplied to and used by the host CPU for verification of the 
storage device and operating the computer independently of the storage 
device during the start up sequence of the computer. 

4. A security device as claimed in any one of the preceding claims, including 
authentication means to authenticate a user of the computer having a 
prescribed profile of access to the storage device. 
5. A security device as claimed in claim 4, wherein the authentication means 
includes a login verifying means to enable a user of the computer to enter a 
login identification and password and have that login identification and 
password verified to authenticate said user being an authorised user of the 
computer having a prescribed profile of access to the storage device before 
allowing the start up sequence of the computer to proceed further. 

6. A security device as claimed in claim 5, wherein said login identification and 
passwords of authorised users and the prescribed profile of access thereof 
form part of said critical data and control elements and said login verifying 
means accesses said critical data and control elements to effect 
authentication of a user. 

7. A security device as claimed in claim 5 or 6, wherein the prescribed profile of 
access comprises a prescribed allocation of predetermined levels of access 
permitted for an authorised user of the computer to prescribed partitions or 
zones of the storage device. 

8. A security device as claimed in any one of the preceding claims, the security 
device includes intercepting means to block all data access by the host CPU 
to the data storage device before initialisation of the security device and 
intercept all said data access immediately after said initialisation under the 
control of said processing means. 

9. A security device as claimed in claim 3, or any one of claims 4 to 8 as 
dependent on claim 3, wherein said critical data and control elements include 
identification data in respect of the storage device for enabling the computer 
to complete its peripheral check during said start up sequence. 

10. A security device as claimed in claim 4, or any one of claims 5 to 9 as 
dependent on claim 4, wherein said critical data and control elements are 
supplied to and used by the host CPU for verification of the storage device 
and operating the computer independently of the storage device during the 
start up sequence of the computer, and include a custom boot sector that 
includes invoking said authentication means for assuming operation of the 
computer during said start up sequence. 

11. A security device as claimed in any one of claims 4 to 7, or any one of claims 
8 to 10 as dependent on claim 4, wherein the authentication means includes 
an authentication application program stored in the program memory means, 
the memory store means or the storage device. 

12. A security device as claimed in claim 11, wherein the authentication 
application program includes user editing means to enable an authorised user 
having a particular prescribed level of access to create and edit authorised 
users for accessing the storage device. 

13. A security device as claimed in claim 12 or 13, wherein the authentication 
application program includes access profile editing means to enable said 
authorised user having a particular prescribed level of access to allocate and 
edit particular predetermined levels of access to said prescribed partitions or 
zones for all authorised users having access to the storage device. 

14. A method for securing and protecting a storage device for storing data to be 
handled by a computer from unauthorised access, the computer having a host 
central processing unit (CPU) and memory used by the host CPU to load 
programs in order to operate the computer and storage device, the method 
comprising:- 

controlling access between the host CPU and the storage device 
independently of the host CPU; and 

unalterably storing computer programs for effecting said controlling access 
in a location separate from the memory and not addressable by the host 
CPU. 

15. A method as claimed in claim 14, including storing critical data and control 
elements associated with the basic operation of the computer and access to 
the storage device in a location separate from the memory and the storage 
device and not addressable by the host CPU. 

16. A method as claimed in claim 15, including independently supplying the host 
CPU with said critical data and control elements for verification of the storage 
device and operating the computer independently of the storage device during 
the start up sequence of the computer. 

17. A method as claimed in any one of claims 14 to 16, including authenticating a 
user of the computer having a prescribed profile of access to the storage 
device. 

18. A method as claimed in claim 17, wherein said authenticating includes 
enabling a user of the computer to enter a login identification and password 
and verifying the same to establish whether the user is an authorised user of 
the computer having a prescribed profile of access to the storage device 
before allowing the start up sequence of the computer to proceed further. 

19. A method as claimed in claim 18, wherein said login identification and 
passwords of authorised users and the prescribed profile of access thereof 
form part of said critical data and control elements and the verifying includes 
comparing the entered login identification and password with the login 
identification and passwords within said critical data and control elements and 
authenticating a user if there is match. 

20. A method as claimed in claim 18 or 19, wherein the prescribed profile of 
access comprises a prescribed allocation of predetermined levels of access 
permitted for an authorised user to prescribed partitions or zones of the 
storage device. 

21. A method as claimed in any one of claims 14 to 20, including blocking all data 
access by the host CPU to the data storage device during initialisation of the 
computer and intercepting all said data access during the start up sequence 
after said initialisation. 
22. A method as claimed in claim 15 or any one of claims 16 to 21 as dependent 
on claim 15, wherein said critical data and control elements include 
identification data in respect of the storage device for enabling the computer 
to complete its peripheral check during said start up sequence. 

23. A method as claimed in any one of claims 17 to 20, or claim 21 or 22 as 
dependent on claim 17, wherein said critical data and control elements 
include a custom boot sector for the computer that includes invoking the 
authenticating step; and the method includes assuming operation of the 
computer during said start up sequence with the custom boot sector and 
authenticating the user of the computer at such time. 

24. A method as claimed in any one of claims 17 to 20, or any of claims 21 to 23 
as dependent on claim 17, wherein said authenticating includes enabling a 
particular prescribed level of authorised user to create and edit login 
identifications and passwords within the critical data and control elements for 
specifying authorised users having access to the storage device. 

25. A method as claimed in claim 24, wherein said authenticating includes 
enabling said particular prescribed level of authorised user to allocate and edit 
particular predetermined levels of access to said prescribed partitions or 
zones for all authorised users having access to the storage device within the 
critical data and storage elements. 

26. A security device for a computer having a host central processing unit (CPU), 
memory used by the host CPU to load programs in order to operate the 
computer and a storage device for storing data to be handled by the 
computer, the security device comprising: 

processing means independent of the host CPU for controlling access 
between the host CPU and the storage device; and 

intercepting means to block all data access by the host CPU to the data 
storage device before initialisation of the security device and intercept all 
said data access immediately after said initialisation under the control of 
said processing means; 

wherein said processing means effects independent control of the host 
CPU and configuration of the computer in a manner so as to prevent 
unauthorised access to the storage device on said intercepting means 
intercepting said data access immediately after said initialisation. 

27. A security device as claimed in claim 26, including program memory means 
independent of the memory of the computer and the storage device to 
unalterably store and provide computer programs for operating the processing 
means in a prescribed manner to control said access. 

28. A security device as claimed in claim 26 or 27, including memory store means 
independent of the memory means and the storage device of the computer to 
store critical data and control elements associated with the basic operation of 
the computer and access to the storage device. 

29. A security device as claimed in claim 28, wherein said critical data and control 
elements are supplied to and used by the host CPU for verification of the 
storage device and operating the computer independently of the storage 
device during the start up sequence of the computer. 

30. A security device as claimed in claim 29, wherein said critical data and control 
elements include identification data in respect of the storage device for 
enabling the computer to complete its peripheral check during said start up 
sequence. 

31. A security device as claimed in any one of claims 26 to 30, including 
authentication means to authenticate a user of the computer having a 
prescribed profile of access to the storage device. 

32. A security device as claimed in claim 31 as dependent on claim 29, said 
critical data and control elements include a custom boot sector that includes 
invoking said authentication means for assuming operation of the computer 
during said start up sequence. 

33. A security device as claimed in claim 31 as dependent on claim 29, or claim 
32, wherein the authentication means includes a login verifying means to 
enable a user of the computer to enter a login identification and password and 
have that login identification and password verified to authenticate said user 
being an authorised user of the computer having a prescribed profile of 
access to the storage device before allowing the start up sequence of the 
computer to proceed further. 

34. A security device as claimed in claim 33, wherein said login identification and 
passwords of authorised users and the prescribed profile of access thereof 
form part of said critical data and control elements and said login verifying 
means accesses said critical data and control elements to effect 
authentication of a user. 

35. A security device as claimed in claim 33 or 34, the prescribed profile of 
access comprises a prescribed allocation of predetermined levels of access 
permitted for an authorised user of the computer to prescribed partitions or 
zones of the storage device. 

36. A security device as claimed in any one of claims 31 to 35, wherein the 
authentication means includes an authentication application program stored in 
the program memory means, the memory store means or the storage device. 

37. A security device as claimed in claim 36, wherein the authentication 
application program includes user editing means to enable an authorised user 
having a particular prescribed level of access to create and edit authorised 
users for accessing the storage device. 

38. A security device as claimed in claim 36 or 37, wherein the authentication 
application program includes access profile editing means to enable said 
authorised user having a particular prescribed level of access to allocate and 
edit particular predetermined levels of access to said prescribed partitions or 
zones for all authorised users having access to the storage device. 

39. A security device as claimed in any one of claims 26 to 38, wherein the 
security device is adapted to be connected only in line with the data access 
channel between the host CPU and the storage device, and off the main data 
and control bus of the host CPU. 

40. A method for securing and protecting a storage device for storing data to be 
handled by a computer from unauthorised access, the computer having a host 
central processing unit (CPU) and memory used by the host CPU to load 
programs in order to operate the computer and storage device, the method 
comprising:- 

controlling access between the host CPU and the storage device 
independently of the host CPU; 

blocking all data access by the host CPU to the storage device during 
initialisation of the computer; and 

intercepting all said data access during the start up sequence after said 
initialisation to effect independent control of the host CPU and configuration 
of the computer in a manner so as to prevent unauthorised access to the 
storage device thereafter. 

41. A method as claimed in claim 40, including unalterably storing computer 
programs for effecting said controlling access in a location separate from the 
memory and not addressable by the host CPU. 

42. A method as claimed in claim 40 or 41, including storing critical data and 
control elements associated with the basic operation of the computer and 
access to the storage device in a location separate from the memory and the 
storage device and not addressable by the host CPU. 
43. A method as claimed in claim 42, including independently supplying the host 
CPU with said critical data and control elements for verification of the storage 
device and operating the computer independently of the storage device during 
the start up sequence of the computer. 

44. A method as claimed in claim 43, wherein said critical data and control 
elements include identification data in respect of the storage device for 
enabling the computer to complete its peripheral check during said start up 
sequence. 

45. A method as claimed in any one of claims 40 to 44, including authenticating a 
user of the computer having a prescribed profile of access to the storage 
device. 

46. A method as claimed in claim 45, as dependent on claim 43, wherein said 
critical data and control elements include a custom boot sector for the 
computer that includes invoking the authenticating step; and the method 
includes assuming operation of the computer during said start up sequence 
with the custom boot sector and authenticating the user of the computer at 
such time. 

47. A method as claimed in claim 45 or 46, as dependent on claim 43, wherein 
said authenticating includes enabling a user of the computer to enter a login 
identification and password and verifying the same to establish whether the 
user is an authorised user of the computer having a prescribed profile of 
access to the storage device before allowing the start up sequence of the 
computer to proceed further. 

48. A method as claimed in claim 47, wherein said login identification and 
passwords of authorised users and the prescribed profile of access thereof 
form part of said critical data and control elements and the verifying includes 
comparing the entered login identification and password with the login 
identification and passwords within said critical data and control elements and 
authenticating a user if there is match. 
49. A method as claimed in claim 48, wherein the prescribed profile of access 
comprises a prescribed allocation of predetermined levels of access permitted 
for an authorised user to prescribed partitions or zones of the storage device. 

50. A method as claimed in claim 49, wherein said authenticating includes 
enabling a particular prescribed level of authorised user to create and edit 
login identifications and passwords within the critical data and control 
elements for specifying authorised users having access to the storage device. 

51. A method as claimed in claim 50, wherein said authenticating includes 
enabling said particular prescribed level of authorised user to allocate and edit 
particular predetermined levels of access to said prescribed partitions or 
zones for all authorised users having access to the storage device within the 
critical data and storage elements. 

52. A security device for a computer having a host central processing unit (CPU), 
memory used by the host CPU to load programs in order to operate the 
computer and a storage device for storing data to be handled by the 
computer, the security device comprising: 

blocking means for selectively blocking data access between the host CPU 
and the storage device; and 

authentication means to authenticate a user of the computer having a 
prescribed profile of access to the storage device; 

wherein said blocking means maintains said blocking data access until said 
authentication means completes correct authentication of the user of the 
computer. 

53. A security device as claimed in claim 52, including processing means 
independent of the host CPU for controlling the operation of said blocking 
means for blocking access between the host CPU and the storage device in 
response to said authentication means. 
54. A security device as claimed in claim 53, wherein the blocking means blocks 
all data access by the host CPU to the data storage device before initialisation 
of the security device and includes intercepting means to intercept all said 
data access immediately after said initialisation under the control of said 
processing means. 

55. A security device as claimed in claim 54, wherein said processing means 
effects independent control of the host CPU and configuration of the computer 
in a manner so as to prevent unauthorised access to the storage device, upon 
said intercepting means intercepting said data access immediately after said 
initialisation and before loading of the operating system of the computer. 

56. A security device as claimed in any one of claims 53 to 55, wherein said 
authentication means enables a software boot of the computer to be effected 
after correct authentication of the user, and said processing means permits 
normal loading of the operating system during the start up sequence of the 
computer following said software boot. 

57. A security device as claimed in any one of claims 53 to 56, wherein said processing 
means controls said blocking means to effect blocking access to the storage 
device after correct authentication of the user in accordance with the 
prescribed profile of access of the user. 

58. A security device as claimed in any one of claims 53 to 57, including program 
memory means independent of the memory of the computer and the storage 
device to unalterably store and provide computer programs for operating the 
processing means in a prescribed manner to control said access. 

59. A security device as claimed in any one of claims 52 to 58, including memory 
store means independent of the memory means and the storage device of the 
computer to store critical data and control elements associated with the basic 
operation of the computer and access to the storage device. 
60. A security device as claimed in claim 59, wherein said critical data and control 
elements are supplied to and used by the host CPU for verification of the 
storage device and operating the computer independently of the storage 
device during the start up sequence of the computer. 

61. A security device as claimed in claim 60, wherein said critical data and control 
elements include identification data in respect of the storage device for 
enabling the computer to complete its peripheral check during said start up 
sequence. 

62. A security device as claimed in claim 60 or 61, wherein said critical data and 
control elements include a custom boot sector that includes invoking said 
authentication means for assuming operation of the computer during said start 
up sequence. 

63. A security device as claimed in any one of claims 60 to 62, wherein the 
authentication means includes a login verifying means to enable a user of the 
computer to enter a login identification and password and have that login 
identification and password verified to authenticate said user being an 
authorised user of the computer having a prescribed profile of access to the 
storage device before allowing the start up sequence of the computer to 
proceed further. 

64. A security device as claimed in claim 63, wherein said login identification and 
passwords of authorised users and the prescribed profile of access thereof 
form part of said critical data and control elements and said login verifying 
means accesses said critical data and control elements to effect 
authentication of a user. 

65. A security device as claimed in any one of claims 52 to 64, wherein the 
prescribed profile of access comprises a prescribed allocation of 
predetermined levels of access permitted for an authorised user of the 
computer to prescribed partitions or zones of the storage device. 
66. A security device as claimed in any one of claims 52 to 65, wherein the 
authentication means includes an authentication application program stored in 
the program memory means, the memory store means or the storage device. 

67. A security device as claimed in claim 66, wherein the authentication 
application program includes user editing means to enable an authorised user 
having a particular prescribed level of access to create and edit authorised 
users for accessing the storage device. 

68. A security device as claimed in claim 67 as dependent on claim 65, wherein 
the authentication application program includes access profile editing means 
to enable said authorised user having a particular prescribed level of access 
to allocate and edit particular predetermined levels of access to said 
prescribed partitions or zones for all authorised users having access to the 
storage device. 

69. A security device as claimed in any one of claims 52 to 68, wherein the 
security device is adapted to be connected only in line with the data access 
channel between the host CPU and the storage device, and off the main data 
and control bus of the host CPU. 

70. A method for securing and protecting a storage device for storing data to be 
handled by a computer from unauthorised access, the computer having a host 
central processing unit (CPU) and memory used by the host CPU to load 
programs in order to operate the computer and storage device, the method 
comprising: 

selectively blocking all data access between the host CPU and the storage 
device; and 

authenticating a user of the computer having a prescribed profile of access 
to the storage device; 
wherein said blocking of data access is maintained until the user of the 
computer is correctly authenticated. 

71. A method as claimed in claim 70, wherein said selective blocking comprises 
controlling access between the host CPU and the storage device 
independently of the host CPU. 

72. A method as claimed in claim 71, wherein said selective blocking occurs 
during initialisation of the computer and includes intercepting all said data 
access during the start up sequence immediately after said initialisation and 
before loading of the operating system of the computer to enable independent 
control of the host CPU and configuration of the computer in a manner so as 
to prevent unauthorised access to the storage device. 

73. A method as claimed in any one of claims 70 to 72, including performing a 
software boot of the computer after correct authentication of the user, and 
allowing normal loading of the operating system during the start up sequence 
of the computer thereafter. 

74. A method as claimed in any one of claims 70 to 73, including controlling 
blocking access to the storage device after correct authentication of the user 
in accordance with the prescribed profile of access of the user. 

75. A method as claimed in claim 71 or 72, or claim 73 or 74 as dependent on 
claim 71, including unalterably storing computer programs for effecting said 
controlling access in a location separate from the memory and not 
addressable by the host CPU. 

76. A method as claimed in any one of claims 70 to 75, including storing critical 
data and control elements associated with the basic operation of the computer 
and access to the storage device in a location separate from the memory and 
the storage device and not addressable by the host CPU. 
77. A method as claimed in claim 76, including independently supplying the host 
CPU with said critical data and control elements for verification of the storage 
device and operating the computer independently of the storage device during 
the start up sequence of the computer. 

78. A method as claimed in claim 77, wherein said critical data and control 
elements include identification data in respect of the storage device for 
enabling the computer to complete its peripheral check during said start up 
sequence. 

79. A method as claimed in claim 77 or 78, wherein said critical data and control 
elements include a custom boot sector for the computer that includes invoking 
the authenticating step; and the method includes assuming operation of the 
computer during said start up sequence with the custom boot sector and 
authenticating the user of the computer at such time. 

80. A method as claimed in any one of claims 70 to 79, wherein said 
authenticating includes enabling a user of the computer to enter a login 
identification and password and verifying the same to establish whether the 
user is an authorised user of the computer having a prescribed profile of 
access to the storage device before allowing the start up sequence of the 
computer to proceed further. 

81. A method as claimed in claim 80, wherein said login identification and 
passwords of authorised users and the prescribed profile of access thereof 
form part of said critical data and control elements and the verifying includes 
comparing the entered login identification and password with the login 
identification and passwords within said critical data and control elements and 
authenticating a user if there is a match. 

82. A method as claimed in any one of claims 70 to 81, wherein the prescribed 
profile of access comprises a prescribed allocation of predetermined levels of 
access permitted for an authorised user to prescribed partitions or zones of 
the storage device. 
83. A method as claimed in claim 82 as dependent on claim 76, wherein said 
authenticating includes enabling a particular prescribed level of authorised 
user to create and edit login identifications and passwords within the critical 
data and control elements for specifying authorised users having access to 
the storage device. 

84. A method as claimed in claim 83, wherein said authenticating includes 
enabling said particular prescribed level of authorised user to allocate and edit 
particular predetermined levels of access to said prescribed partitions or 
zones for all authorised users having access to the storage device within the 
critical data and storage elements. 

85. A security device for computers substantially as described herein with 
reference to the accompanying drawings as appropriate. 

86. A method for securing and protecting a storage device for storing data to be 
handled by a computer from unauthorised access substantially as described 
herein with reference to the accompanying drawings as appropriate. 
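As an added illustration (not code from the patent or its applicant), the following Python simulation models the gate that the device claims (52 to 69) and the method claims (70 to 84) describe: every host access to the storage device is blocked until a login matches credentials held in an independent store, each request is then checked against the user's prescribed level of access for the partition (zone) the sector falls in, and only a user holding the admin level may create or edit users. The partition layout, the level values, the salted-hash credential storage and the `StorageGate` API are constructed assumptions, not details taken from the claims.

```python
import hashlib
import hmac
import os

NONE, READ, READ_WRITE = 0, 1, 2   # constructed levels of access to a partition ("zone")

def _digest(salt, password):
    return hashlib.sha256(salt + password.encode()).digest()

class StorageGate:
    # Sits in line between host CPU and storage; passes nothing until a login succeeds.

    def __init__(self, partitions):
        self.partitions = partitions   # {zone: (first_sector, last_sector)}, constructed layout
        self.credentials = {}          # login -> (salt, sha256(salt || password))
        self.profiles = {}             # login -> {"admin": bool, "zones": {zone: level}}
        self.current = None            # authenticated login; None while all access is blocked

    def provision(self, login, password, zones, admin=False):
        # Write a user record into the independent store (salted hash, not the password).
        salt = os.urandom(16)
        self.credentials[login] = (salt, _digest(salt, password))
        self.profiles[login] = {"admin": admin, "zones": zones}

    def login(self, login, password):
        # Compare the entered credentials with the stored record in constant time.
        salt, stored = self.credentials.get(login, (b"", b""))
        if not hmac.compare_digest(stored, _digest(salt, password)):
            return False
        self.current = login
        return True

    def request(self, sector, write):
        # True if the host's access to `sector` is passed through, False if it is blocked.
        if self.current is None:
            return False               # blocking is maintained until authentication completes
        zones = self.profiles[self.current]["zones"]
        for zone, (first, last) in self.partitions.items():
            if first <= sector <= last:
                level = zones.get(zone, NONE)
                return level == READ_WRITE or (level == READ and not write)
        return False                   # sector in no known zone: fail closed

    def edit_user(self, login, password, zones):
        # Only an authenticated user holding the admin level may create or edit users.
        if self.current is None or not self.profiles[self.current]["admin"]:
            return False
        self.provision(login, password, zones)
        return True
```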
[Figure 7B: GUI - Admin Screen (panels: User, Admin Login Screen, Slave, Messages; reference numerals 181, 189)] 

[Figure 7C] 

[Drawing sheet 11/12: GUI - Admin Users Edit Screen; GUI - Admin Access Edit Screen] 